Banned Chinese Apps Back In Cloned Avatars

Banned Chinese Apps Back In Cloned Avatars

Chinese apps, banned by the government for security concerns, are coming back with new names and with different countries of origin. It is critical for civil society and citizens to identify such apps and alert the government in order to maintain security and hygiene in the Indian app ecosystem.

In July this year, right after the ban on Chinese apps because of security concerns, I had written in this column on how surely, the apps will start to come back through various channels. That is the challenge of bans in the digital world.

My July article essentially predicted that the Chinese apps will come back by either renaming themselves, or by showing another country as their headquarters, or a combination of both. This makes it very difficult for the Indian government to keep track of banned Chinese apps, reappearing in new skins.

The case of Snack Video is one of the most interesting. Not only did it not come up almost immediately after the ban on its previous avatar, Kwai, but it has also been able to ramp up to over 50 million daily active users. This is a matter of significant concern, given the security implications. This led to the Centre for Digital Economy Policy Research (C-DEP.org) to send letters to the ministry of home and the ministry of electronics and information technology, alerting them about the developments.

So, what is the issue of the Kwai-Snack Video case? Kwai, the banned Chinese app, had a large user base in India and is owned by the Beijing-based company, Beijing Kuaishou Technology Co. Ltd. Soon after it was banned in India, Snack Video, a short video application, popped up in the app stores in India. Snack video is apparently operated by Symphony Tech Pte. Ltd., a Singapore-based entity. However, the ultimate owner is the same Beijing based company, Beijing Kuaishou Technology Co, Ltd, that runs the banned Kwai app.

Various news reports confirm that Snack Video is an international offering of Kuaishou Technology Co. Ltd., along with the application Kwai. There is an entire Wikipedia page on the same. Snack Video is essentially the international version of the application Kwai, specifically marketed to foreign nationals, outside of China.  In fact, when a user clicks on the “Google Playstore” link for the application, it automatically redirects a user to Snack Video.

Interestingly, a quick search on LinkedIn shows that the Indian employees of Kwaihave marked their next job as that in Snack Video.

Therefore, it is quite obvious that Snack Video is a mirrored offering of the banned application “Kwai”, and thus, the application poses the same risks as the banned application Kwai, and is essentially operating in violation of the orders of the government.

What is even more alarming is the apparent links between the founders of Snack Video and the Communist Party of China, that runs the government. The application was developed by its founders Cheng Yixiao and Su Hua, who are not only Chinese citizens, but also, according to news reports, have assisted The People’s Daily, the official newspaper of China’s ruling Communist Party, to develop a short video streaming platform named People’s Daily. Further, according to news reports, Su Hua leads a Communist Party of China branch within Kuaishou.

What makes such apps more of a security threat is the massive amounts of data it collects, which has nothing to do with the service it provides. The application takes several security-sensitive and intrusive permissions such as to record audio on its own, capture geographic location, and get complete network access – which allows it to view the network connections and WiFi connections. The app can also download files without user notification, which is a grave security threat.

The app has several other intrusive features such as the ability to prevent the phone from sleeping function, the ability to view other apps running in the background, having its own clipboard function, ability to move the other apps that are running, to the foreground to capture data, and it can read badge notifications. Further, the app can access and modify (including delete) all data on an SD card. It also has a sticky broadcast feature which is a highly intrusive mechanism for pushing a broadcast in front of a user. All this makes Snack Video (and other similar Chinese apps), a grave threat to Indian users and to Indian security.

Moreover, we could not find any videos on the protests of Tibetansor on Xinjiang or on the ill-treatment of Uighurs which clearly indicates censoring of content that is aligned to the interest of the Chinese government. This is not surprising as the app is regulated by Chinese national security laws, given that it is a China-based app. These laws of China require China’s citizens and companies to support the state in intelligence-gathering activities. It includes the National Security Law of the People’s Republic of China: creating an obligation on citizens and organisations to provide support to military, and security organisations;  the State Intelligence Law of the People’s Republic of China: providing support to intelligence bodies; Cybersecurity Law of the People’s Republic of China: assist the state in maintaining cybersecurity and preventing external and internal threats, and Cybersecurity Law of the People’s Republic of China: provide assistance and technical support to maintain national security.

It is a wake-up call for us to realize that monitoring our app ecosystem on a continuous basis is critical for maintaining the digital and cybersecurity envelope of the country. The message could not have come at a better time than when the world is celebrating Cybersecurity month. It is also a wake-up call for civil society and the citizens that it is also their duty to support the government in identifying such rogue apps in our app ecosystem such that the government can take appropriate steps.

OUTLOOK

Leave a Reply

Your email address will not be published.